Cisco's AnyConnect Secure Mobility Solution is a two-box enterprise play that poses some problems for small and midsized businesses.
The Adaptive Security Appliance (ASA) piece of the puzzle delivers firewall and VPN, but not the other security features found in an integrated unified threat management (UTM) device. For example, content scanning for malware requires an add-in hardware module and a subscription, as does intrusion prevention.
The problem is that you can only put a single add-in hardware module in any of the appliances, so you have to pick whether you want intrusion-prevention system or anti-malware in your VPN gateway, rather than having the ability to use both as most other UTM firewalls allow.
When the ASA is acting as a firewall, picking one or the other makes sense, because you usually leave anti-malware to end-point software and an anti-spam gateway. When the ASA is acting as a VPN concentrator, however, having both protections is a very attractive defense-in-depth strategy, but the ASA doesn't allow you to do that directly.
In an enterprise environment, Cisco solves this problem by recommending the second box, the full-feature IronPort S-series Web security appliance. (See Forced upgrades rankle Cisco customers.)
However, the two-box solution could have a side effect of pushing Cisco remote access out of the price range and complexity level appropriate for many small business networks.
Bryan Lunduke talks with Martin Wimpress—the man behind Ubuntu MATE—about why he decided to make his...
I love my iPhone 6 Plus—and that’s Apple’s problem.
The Internet of Things is predicted to grow to a $1.4 trillion market by 2020, which means there are...
The website of toy maker Maisto was infected with malicious code that distributed CryptXXX, a new and...
Follow these steps to reap the benefits of SDN without disrupting your IT environment
Three ways to respond to demands for a fast, iterative, rapid-feedback monitoring solution
Flame wars in the bug tracker might be exactly the right (harsh) feedback your code needs